> When an attacker tries to exploit e.g. an overflow the child is likely
> to crash, but the next attempt after a crash of the child will find a
> new address layout, making it harder to re-use information gathered in
> the previous attempt.
>
> -Otto
>
Actually, Otto, the word "harder" bothers me. It is much closer to impossible than probable. An attacker needs a pointer or offset to reach a specific object. If it doesn't reach the right thing, that isn't really computation. Generally attackers need objects to behave properly before they have a looping construct.